Documentation
¶
Index ¶
- type FileData
- type MESSAGE_LEVEL
- type MythicRPCAgentstorageCreateMessage
- type MythicRPCAgentstorageCreateMessageResponse
- type MythicRPCAgentstorageRemoveMessage
- type MythicRPCAgentstorageRemoveMessageResponse
- type MythicRPCAgentstorageSearchMessage
- type MythicRPCAgentstorageSearchMessageResponse
- type MythicRPCAgentstorageSearchResult
- type MythicRPCArtifactCreateMessage
- type MythicRPCArtifactCreateMessageResponse
- type MythicRPCArtifactSearchMessage
- type MythicRPCArtifactSearchMessageResponse
- type MythicRPCArtifactearchArtifactData
- type MythicRPCCallbackAddCommandMessage
- type MythicRPCCallbackAddCommandMessageResponse
- type MythicRPCCallbackCreateMessage
- type MythicRPCCallbackCreateMessageResponse
- type MythicRPCCallbackDecryptBytesMessage
- type MythicRPCCallbackDecryptBytesMessageResponse
- type MythicRPCCallbackDisplayToRealIdSearchMessage
- type MythicRPCCallbackDisplayToRealIdSearchMessageResponse
- type MythicRPCCallbackEdgeSearchMessage
- type MythicRPCCallbackEdgeSearchMessageResponse
- type MythicRPCCallbackEdgeSearchMessageResult
- type MythicRPCCallbackEncryptBytesMessage
- type MythicRPCCallbackEncryptBytesMessageResponse
- type MythicRPCCallbackRemoveCommandMessage
- type MythicRPCCallbackRemoveCommandMessageResponse
- type MythicRPCCallbackSearchCommandData
- type MythicRPCCallbackSearchCommandMessage
- type MythicRPCCallbackSearchCommandMessageResponse
- type MythicRPCCallbackSearchMessage
- type MythicRPCCallbackSearchMessageResponse
- type MythicRPCCallbackSearchMessageResult
- type MythicRPCCallbackTokenCreateMessage
- type MythicRPCCallbackTokenCreateMessageResponse
- type MythicRPCCallbackTokenData
- type MythicRPCCallbackTokenRemoveCallbackTokenData
- type MythicRPCCallbackTokenRemoveMessage
- type MythicRPCCallbackTokenRemoveMessageResponse
- type MythicRPCCallbackUpdateMessage
- type MythicRPCCallbackUpdateMessageResponse
- type MythicRPCCommandSearchCommandData
- type MythicRPCCommandSearchMessage
- type MythicRPCCommandSearchMessageResponse
- type MythicRPCCredentialCreateCredentialData
- type MythicRPCCredentialCreateMessage
- type MythicRPCCredentialCreateMessageResponse
- type MythicRPCCredentialSearchCredentialData
- type MythicRPCCredentialSearchMessage
- type MythicRPCCredentialSearchMessageResponse
- type MythicRPCFileBrowserCreateFileBrowserData
- type MythicRPCFileBrowserCreateMessage
- type MythicRPCFileBrowserCreateMessageResponse
- type MythicRPCFileBrowserRemoveFileBrowserData
- type MythicRPCFileBrowserRemoveMessage
- type MythicRPCFileBrowserRemoveMessageResponse
- type MythicRPCFileCreateMessage
- type MythicRPCFileCreateMessageResponse
- type MythicRPCFileGetContentMessage
- type MythicRPCFileGetContentMessageResponse
- type MythicRPCFileSearchMessage
- type MythicRPCFileSearchMessageResponse
- type MythicRPCFileUpdateMessage
- type MythicRPCFileUpdateMessageResponse
- type MythicRPCKeylogCreateMessage
- type MythicRPCKeylogCreateMessageResponse
- type MythicRPCKeylogCreateProcessData
- type MythicRPCKeylogSearchKeylogData
- type MythicRPCKeylogSearchMessage
- type MythicRPCKeylogSearchMessageResponse
- type MythicRPCOperationEventLogCreateMessage
- type MythicRPCOperationEventLogCreateMessageResponse
- type MythicRPCOtherServiceRPCMessage
- type MythicRPCOtherServiceRPCMessageResponse
- type MythicRPCPayloadAddCommandMessage
- type MythicRPCPayloadAddCommandMessageResponse
- type MythicRPCPayloadCreateFromScratchMessage
- type MythicRPCPayloadCreateFromScratchMessageResponse
- type MythicRPCPayloadCreateFromUUIDMessage
- type MythicRPCPayloadCreateFromUUIDMessageResponse
- type MythicRPCPayloadGetContentMessage
- type MythicRPCPayloadGetContentMessageResponse
- type MythicRPCPayloadOnHostCreateData
- type MythicRPCPayloadOnHostCreateMessage
- type MythicRPCPayloadOnHostCreateMessageResponse
- type MythicRPCPayloadRemoveCommandMessage
- type MythicRPCPayloadRemoveCommandMessageResponse
- type MythicRPCPayloadSearchBuildParameter
- type MythicRPCPayloadSearchMessage
- type MythicRPCPayloadSearchMessageResponse
- type MythicRPCPayloadUpdateBuildStepMessage
- type MythicRPCPayloadUpdateBuildStepMessageResponse
- type MythicRPCProcessCreateMessage
- type MythicRPCProcessCreateMessageResponse
- type MythicRPCProcessCreateProcessData
- type MythicRPCProcessSearchMessage
- type MythicRPCProcessSearchMessageResponse
- type MythicRPCProcessSearchProcessData
- type MythicRPCProxyStartMessage
- type MythicRPCProxyStartMessageResponse
- type MythicRPCProxyStopMessage
- type MythicRPCProxyStopMessageResponse
- type MythicRPCResponse
- type MythicRPCResponseCreateMessage
- type MythicRPCResponseCreateMessageResponse
- type MythicRPCResponseSearchMessage
- type MythicRPCResponseSearchMessageResponse
- type MythicRPCTaskCreateMessage
- type MythicRPCTaskCreateMessageResponse
- type MythicRPCTaskCreateSubtaskGroupMessage
- type MythicRPCTaskCreateSubtaskGroupMessageResponse
- type MythicRPCTaskCreateSubtaskGroupTasks
- type MythicRPCTaskCreateSubtaskMessage
- type MythicRPCTaskCreateSubtaskMessageResponse
- type MythicRPCTaskDisplayToRealIdSearchMessage
- type MythicRPCTaskDisplayToRealIdSearchMessageResponse
- type MythicRPCTaskSearchMessage
- type MythicRPCTaskSearchMessageResponse
- type MythicRPCTaskUpdateMessage
- type MythicRPCTaskUpdateMessageResponse
- type MythicRPCTokenCreateMessage
- type MythicRPCTokenCreateMessageResponse
- type MythicRPCTokenCreateTokenData
- type MythicRPCTokenRemoveMessage
- type MythicRPCTokenRemoveMessageResponse
- type MythicRPCTokenRemoveTokenData
- type PTTaskMessageTaskData
- type PayloadConfiguration
- type PayloadConfigurationBuildParameter
- type PayloadConfigurationC2Profile
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type FileData ¶
type FileData struct {
AgentFileId string `json:"agent_file_id"`
Filename string `json:"filename"`
Comment string `json:"comment"`
Complete bool `json:"complete"`
IsPayload bool `json:"is_payload"`
IsDownloadFromAgent bool `json:"is_download_from_agent"`
IsScreenshot bool `json:"is_screenshot"`
FullRemotePath string `json:"full_remote_path"`
Host string `json:"host"`
TaskID int `json:"task_id"`
Md5 string `json:"md5"`
Sha1 string `json:"sha1"`
Timestamp time.Time `json:"timestamp"`
Command string `json:"cmd"`
Tags []string `json:"tags"`
}
type MESSAGE_LEVEL ¶
type MESSAGE_LEVEL = string
const ( MESSAGE_LEVEL_INFO MESSAGE_LEVEL = "info" MESSAGE_LEVEL_WARNING = "warning" )
type MythicRPCAgentstorageCreateMessageResponse ¶
type MythicRPCAgentstorageCreateMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
}
func SendMythicRPCAgentStorageCreate ¶
func SendMythicRPCAgentStorageCreate(input MythicRPCAgentstorageCreateMessage) (*MythicRPCAgentstorageCreateMessageResponse, error)
SendMythicRPCAgentStorageCreate - Create a new entry in the agentstorage table within Mythic. This can be used to store arbitrary data that the agent/c2 profile might need later on and used a way to share data.
type MythicRPCAgentstorageRemoveMessage ¶
type MythicRPCAgentstorageRemoveMessage struct {
// UniqueID (Required) - The unique identifier to search for in the database to remove
UniqueID string `json:"unique_id"`
}
type MythicRPCAgentstorageRemoveMessageResponse ¶
type MythicRPCAgentstorageRemoveMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
}
func SendMythicRPCAgentStorageRemove ¶
func SendMythicRPCAgentStorageRemove(input MythicRPCAgentstorageRemoveMessage) (*MythicRPCAgentstorageRemoveMessageResponse, error)
SendMythicRPCAgentStorageRemove - Remove a specific entry from the agentstorage table within Mythic.
type MythicRPCAgentstorageSearchMessage ¶
type MythicRPCAgentstorageSearchMessage struct {
// SearchUniqueID (Required) - The unique identifier you supplied when creating the data that you're searching for
SearchUniqueID string `json:"unique_id"` // required
}
type MythicRPCAgentstorageSearchMessageResponse ¶
type MythicRPCAgentstorageSearchMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
AgentStorageMessages []MythicRPCAgentstorageSearchResult `json:"agentstorage_messages"`
}
func SendMythicRPCAgentStorageSearch ¶
func SendMythicRPCAgentStorageSearch(input MythicRPCAgentstorageSearchMessage) (*MythicRPCAgentstorageSearchMessageResponse, error)
SendMythicRPCAgentStorageSearch - Search for a specific entry within the agentstorage table and fetch the results.
type MythicRPCArtifactCreateMessage ¶
type MythicRPCArtifactCreateMessage struct {
// TaskID (Required) - the task associated with this new artifact for Mythic to track
TaskID int `json:"task_id"`
// ArtifactMessage (Required) - the actual artifact string you want to store
ArtifactMessage string `json:"message"`
// BaseArtifactType (Required) - what kind of artifact is it? Process Create? File Removal? etc
BaseArtifactType string `json:"base_artifact"`
// ArtifactHost (Optional) - what's the hostname for where this artifact happened? If none is specified, it's assumed to be the same host where the task ran
ArtifactHost *string `json:"host,omitempty"`
}
type MythicRPCArtifactCreateMessageResponse ¶
type MythicRPCArtifactCreateMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
}
func SendMythicRPCArtifactCreate ¶
func SendMythicRPCArtifactCreate(input MythicRPCArtifactCreateMessage) (*MythicRPCArtifactCreateMessageResponse, error)
SendMythicRPCArtifactCreate - Create a new artifact for Mythic to track.
type MythicRPCArtifactSearchMessage ¶
type MythicRPCArtifactSearchMessage struct {
// TaskID (Required) - What is the current task that's searching for artifact information.
TaskID int `json:"task_id"`
// SearchArtifacts (Required) - Additional structure of data used to search artifacts.
SearchArtifacts MythicRPCArtifactearchArtifactData `json:"artifact"`
}
type MythicRPCArtifactSearchMessageResponse ¶
type MythicRPCArtifactSearchMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
Artifacts []MythicRPCArtifactearchArtifactData `json:"artifacts"`
}
func SendMythicRPCArtifactSearch ¶
func SendMythicRPCArtifactSearch(input MythicRPCArtifactSearchMessage) (*MythicRPCArtifactSearchMessageResponse, error)
SendMythicRPCArtifactSearch - Search for artifacts that are tracked by Mythic.
type MythicRPCArtifactearchArtifactData ¶
type MythicRPCArtifactearchArtifactData struct {
// Host (Optional) - When searching, you can filter your artifacts by the hostname.
// As a response, this will always be populated.
Host *string `json:"host" ` // optional
// ArtifactType (Optional) - When searching, you can filter your artifacts by the type of artifact.
// As a response, this will always be populated.
ArtifactType *string `json:"artifact_type"` //optional
// ArtifactMessage (Optional) - When searching, you can filter your artifacts by what the message contains.
// As a response, this will always be populated.
ArtifactMessage *string `json:"artifact_message"` //optional
// TaskID (Optional) - When searching, you can filter your artifacts to those created by a certain task.
// As a response, this will always be populated.
TaskID *int `json:"task_id"` //optional
}
type MythicRPCCallbackAddCommandMessage ¶
type MythicRPCCallbackAddCommandMessage struct {
// TaskID (Required) - What task is trying to add commands. This will add commands to the callback associated with this task.
TaskID int `json:"task_id"` // required
// Commands (Required) - The names of the commands you want to add. If they're already added, then they are skipped.
Commands []string `json:"commands"` // required
}
type MythicRPCCallbackAddCommandMessageResponse ¶
type MythicRPCCallbackAddCommandMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
}
func SendMythicRPCCallbackAddCommand ¶
func SendMythicRPCCallbackAddCommand(input MythicRPCCallbackAddCommandMessage) (*MythicRPCCallbackAddCommandMessageResponse, error)
SendMythicRPCCallbackAddCommand - Register new commands as being "loaded" into the current callback. This makes them available for tasking through the UI.
type MythicRPCCallbackCreateMessage ¶
type MythicRPCCallbackCreateMessage struct {
// PayloadUUID (Required) - What is the UUID of the payload that this new callback will be based on
PayloadUUID string `json:"payload_uuid"`
// C2ProfileName (Required) - What is the name of the C2 Profile that this agent is communicating over.
C2ProfileName string `json:"c2_profile"`
// EncryptionKey (Optional) - Specify a custom encryption key for use with this callback instead of the
// C2 profile/Payload's encryption keys.
EncryptionKey *[]byte `json:"encryption_key"`
// DecryptionKey (Optional) - Specify a custom decryption key for use with this callback instead of the
// C2 profile/Payload's decryption keys
DecryptionKey *[]byte `json:"decryption_key"`
// CryptoType (Optional) - What kind of crypto is being used? aes256_hmac? none? something else?
CryptoType string `json:"crypto_type"`
// User (Optional) - What is the username associated with this new callback
User string `json:"user"`
// Host (Optional) - What is the hostname associated with this new callback
Host string `json:"host"`
// PID (Optional) - What is the PID associated with this new callback
PID int `json:"pid"`
// ExtraInfo (Optional) - Additional information you can store with the callback for context or tracking
ExtraInfo string `json:"extra_info"`
// SleepInfo (Optional) - Additional context information about the current sleep data for this callback
SleepInfo string `json:"sleep_info"`
// Ip (Optional) - The IP associated with this callback. Use this if you just want to set a single IP address for the callback.
Ip string `json:"ip"`
// IPs (Optional) - The array of IP addresses associated with this callback. Use this if you have multiple IP addresses
// for the callback and want to return them all for the operator to view
IPs []string `json:"ips"`
// ExternalIP (Optional) - The external IP address associated with this callback
ExternalIP string `json:"external_ip"`
// IntegrityLevel (Optional) - The integrity level associated with the callback.
// 0 is Unknown, 1 is Low integrity, 2 is Medium integrity, 3 is High integrity, 4 is SYSTEM integrity.
// 3 and above will result in a red interact button (if you're root, you should return 3+).
IntegrityLevel int `json:"integrity_level"`
// Os (Optional) - More detailed OS information than simply the "Windows", "macOS", "Linux", etc associated
// with the payload
Os string `json:"os"`
// Domain (Optional) - the domain associated with the callback.
Domain string `json:"domain"`
// Architecture (Optional) - The architecture of the callback (x86, x64, arm64, etc)
Architecture string `json:"architecture"`
// Description (Optional) - Set a description for the new callback
Description string `json:"description"`
// ProcessName (Optional) - The name of process associated with the new callback.
ProcessName string `json:"process_name" mapstructure:"process_name"`
}
type MythicRPCCallbackCreateMessageResponse ¶
type MythicRPCCallbackCreateMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
// CallbackUUID - The AgentCallbackID for the new callback that was created.
CallbackUUID string `json:"callback_uuid"`
}
func SendMythicRPCCallbackCreate ¶
func SendMythicRPCCallbackCreate(input MythicRPCCallbackCreateMessage) (*MythicRPCCallbackCreateMessageResponse, error)
SendMythicRPCCallbackCreate - Register a new callback within Mythic
type MythicRPCCallbackDecryptBytesMessage ¶
type MythicRPCCallbackDecryptBytesMessage struct {
// AgentCallbackUUID (Required) - The UUID for the callback that will decrypt the message
AgentCallbackUUID string `json:"agent_callback_id"`
// Message (Required) - The actual encrypted message you want to decrypt
Message []byte `json:"message"`
// IncludesUUID (Optional) - Does the Message include the UUID or not?
IncludesUUID bool `json:"include_uuid"`
// IsBase64Encoded (Optional) - Is the Message base64 encoded, or is it just the raw bytes?
IsBase64Encoded bool `json:"base64_message"`
}
type MythicRPCCallbackDecryptBytesMessageResponse ¶
type MythicRPCCallbackDecryptBytesMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
Message []byte `json:"message"`
}
func SendMythicRPCCallbackDecryptBytes ¶
func SendMythicRPCCallbackDecryptBytes(input MythicRPCCallbackDecryptBytesMessage) (*MythicRPCCallbackDecryptBytesMessageResponse, error)
SendMythicRPCCallbackDecryptBytes - Ask Mythic to look up the associated callback and decrypt a message for that callback
type MythicRPCCallbackDisplayToRealIdSearchMessage ¶
type MythicRPCCallbackDisplayToRealIdSearchMessage struct {
// CallbackDisplayID (Required) - The display id that the operator sees for a callback (i.e. 1, 2, 3, etc).
// The display ID is always incremental within each operation. So, each operation will have a callback1 for example.
CallbackDisplayID int `json:"callback_display_id"`
// OperationName (Optional) - The name of the operation associated with the callback.
// Either OperationName or OperationID must be supplied to give context for the CallbackDisplayID
OperationName *string `json:"operation_name"`
// OperationID (Opational) - The ID of the operation associated with the callback.
// Either OperationName or OperationID must be supplied to give context for the CallbackDisplayID
OperationID *int `json:"operation_id"`
}
type MythicRPCCallbackDisplayToRealIdSearchMessageResponse ¶
type MythicRPCCallbackDisplayToRealIdSearchMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
CallbackID int `json:"callback_id"`
}
Every mythicRPC function call must return a response that includes the following two values
func SendMythicRPCCallbackDisplayToRealIdSearch ¶
func SendMythicRPCCallbackDisplayToRealIdSearch(input MythicRPCCallbackDisplayToRealIdSearchMessage) (*MythicRPCCallbackDisplayToRealIdSearchMessageResponse, error)
SendMythicRPCCallbackDisplayToRealIdSearch - Convert a generic CallbackDisplayID to a unique CallbackID for use with other RPC calls.
type MythicRPCCallbackEdgeSearchMessage ¶ added in v1.2.2
type MythicRPCCallbackEdgeSearchMessageResponse ¶ added in v1.2.2
type MythicRPCCallbackEdgeSearchMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
Results []MythicRPCCallbackEdgeSearchMessageResult `json:"results"`
}
func SendMythicRPCCallbackEdgeSearch ¶ added in v1.2.2
func SendMythicRPCCallbackEdgeSearch(input MythicRPCCallbackEdgeSearchMessage) (*MythicRPCCallbackEdgeSearchMessageResponse, error)
type MythicRPCCallbackEdgeSearchMessageResult ¶ added in v1.2.2
type MythicRPCCallbackEdgeSearchMessageResult struct {
ID int `mapstructure:"id" json:"id"`
StartTimestamp time.Time `mapstructure:"start_timestamp" json:"start_timestamp"`
EndTimestamp time.Time `mapstructure:"end_timestamp" json:"end_timestamp"`
Source MythicRPCCallbackSearchMessageResult `mapstructure:"source" json:"source"`
Destination MythicRPCCallbackSearchMessageResult `mapstructure:"destination" json:"destination"`
C2Profile string `mapstructure:"c2profile" json:"c2profile"`
}
type MythicRPCCallbackEncryptBytesMessage ¶
type MythicRPCCallbackEncryptBytesMessage struct {
// AgentCallbackUUID (Required) - The UUID for the callback that will encrypt the message
AgentCallbackUUID string `json:"agent_callback_id"` //required
// Message (Required) - The actual encrypted message you want to encrypt
Message []byte `json:"message"`
// IncludeUUID (Optional) - Should the encrypted message include the UUID in front?
IncludeUUID bool `json:"include_uuid"`
// Base64ReturnMessage (Optional) - Should the resulting Message be base64 encoded or left as raw bytes?
Base64ReturnMessage bool `json:"base64_message"`
}
type MythicRPCCallbackEncryptBytesMessageResponse ¶
type MythicRPCCallbackEncryptBytesMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
Message []byte `json:"message"`
}
func SendMythicRPCCallbackEncryptBytes ¶
func SendMythicRPCCallbackEncryptBytes(input MythicRPCCallbackEncryptBytesMessage) (*MythicRPCCallbackEncryptBytesMessageResponse, error)
SendMythicRPCCallbackEncryptBytes - Ask Mythic to encrypt a message for a specific callback UUID.
type MythicRPCCallbackRemoveCommandMessage ¶
type MythicRPCCallbackRemoveCommandMessage struct {
// TaskID (Required) - The task id that's going to remove commands from the associated callback.
TaskID int `json:"task_id"` // required
// Commands (Required) - The list of command names to be removed from the callback. If the command isn't loaded
// within the callback, then it's skipped
Commands []string `json:"commands"` // required
}
type MythicRPCCallbackRemoveCommandMessageResponse ¶
type MythicRPCCallbackRemoveCommandMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
}
func SendMythicRPCCallbackRemoveCommand ¶
func SendMythicRPCCallbackRemoveCommand(input MythicRPCCallbackRemoveCommandMessage) (*MythicRPCCallbackRemoveCommandMessageResponse, error)
SendMythicRPCCallbackRemoveCommand - Remove commands from a certain callback. This is helpful if you want to unload certain functionality that might have been temporarily loaded in the first place.
type MythicRPCCallbackSearchCommandData ¶
type MythicRPCCallbackSearchCommandData struct {
Name string `json:"cmd"`
Version int `json:"version"`
Attributes map[string]interface{} `json:"attributes"`
NeedsAdmin bool `json:"needs_admin"`
HelpCmd string `json:"help_cmd"`
Description string `json:"description"`
SupportedUiFeatures []string `json:"supported_ui_features"`
Author string `json:"author"`
ScriptOnly bool `json:"script_only"`
}
type MythicRPCCallbackSearchCommandMessage ¶
type MythicRPCCallbackSearchCommandMessage struct {
CallbackID *int `json:"callback_id,omitempty"`
TaskID *int `json:"task_id,omitempty"`
SearchCommandNames *[]string `json:"command_names,omitempty"`
SearchSupportedUIFeatures *string `json:"supported_ui_features,omitempty"`
SearchScriptOnly *bool `json:"script_only,omitempty"`
// this is an exact match search
SearchAttributes map[string]interface{} `json:"params,omitempty"`
}
type MythicRPCCallbackSearchCommandMessageResponse ¶
type MythicRPCCallbackSearchCommandMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
Commands []MythicRPCCommandSearchCommandData `json:"commands"`
}
Every mythicRPC function call must return a response that includes the following two values
func SendMythicRPCCallbackSearchCommand ¶
func SendMythicRPCCallbackSearchCommand(input MythicRPCCallbackSearchCommandMessage) (*MythicRPCCallbackSearchCommandMessageResponse, error)
type MythicRPCCallbackSearchMessage ¶
type MythicRPCCallbackSearchMessage struct {
// AgentCallbackUUID (Required) - this is the UUID of the callback associated with this search.If this isn't supplied, AgentCallbackID must be supplied.
// This provides the necessary context to scope the search to the right operation.
AgentCallbackUUID string `json:"agent_callback_id"`
// AgentCallbackID (required) - this is the ID of the callback associated with this search. If this isn't supplied, AgentCallbackUUID must be supplied.
AgentCallbackID int `json:"callback_id"`
// SearchCallbackID (Optional) - if you know the real callback ID, you can search via that here.
SearchCallbackID *int `json:"search_callback_id"`
// SearchCallbackDisplayID (Optional) - if you know the display id for the callback (the one that shows up in the UI), then you can search via that here.
SearchCallbackDisplayID *int `json:"search_callback_display_id"`
// SearchCallbackUUID (Optional) - if you know the agent callback uuid for the callback, you can search for that here.
SearchCallbackUUID *string `json:"search_callback_uuid"`
// SearchCallbackUser (Optional) - if you know the user associated with the callback you want, supply that here.
SearchCallbackUser *string `json:"user,omitempty"`
// SearchCallbackHost (Optional) - if you know the hostname of the callback you want, supply that here.
SearchCallbackHost *string `json:"host,omitempty"`
// SearchCallbackPID (Optional) - if you know the PID of the callback you want, supply that here.
SearchCallbackPID *int `json:"pid,omitempty"`
// SearchCallbackExtraInfo (Optional) - if you know the extra info associated with a callback, supply that here.
SearchCallbackExtraInfo *string `json:"extra_info,omitempty"`
// SearchCallbackSleepInfo (Optional) - if you know the sleep information for a callback, supply that here.
SearchCallbackSleepInfo *string `json:"sleep_info,omitempty"`
// SearchCallbackIP (Optional) - if you know the IP address of the callback you want, supply that here
SearchCallbackIP *string `json:"ip,omitempty"`
// SearchCallbackExternalIP (Optional) - if you know the external IP address of the callback you want, supply that here.
SearchCallbackExternalIP *string `json:"external_ip,omitempty"`
// SearchCallbackIntegrityLevel (Optional) - if you know the integrity level of the callback you want, supply that here
SearchCallbackIntegrityLevel *int `json:"integrity_level,omitempty"`
// SearchCallbackOs (Optional) - if you know the detailed OS information for the callback you want, supply that here.
// NOTE: This is NOT the "windows", "Linux", "macOS", etc piece you selected when building a payload.
SearchCallbackOs *string `json:"os,omitempty"`
// SearchCallbackDomain (Optional) - if you know the domain
SearchCallbackDomain *string `json:"domain,omitempty"`
SearchCallbackArchitecture *string `json:"architecture,omitempty"`
SearchCallbackDescription *string `json:"description,omitempty"`
}
type MythicRPCCallbackSearchMessageResponse ¶
type MythicRPCCallbackSearchMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
Results []MythicRPCCallbackSearchMessageResult `json:"results"`
}
func SendMythicRPCCallbackSearch ¶
func SendMythicRPCCallbackSearch(input MythicRPCCallbackSearchMessage) (*MythicRPCCallbackSearchMessageResponse, error)
type MythicRPCCallbackSearchMessageResult ¶
type MythicRPCCallbackSearchMessageResult struct {
ID int `mapstructure:"id" json:"id"`
DisplayID int `mapstructure:"display_id" json:"display_id"`
AgentCallbackID string `mapstructure:"agent_callback_id" json:"agent_callback_id"`
InitCallback time.Time `mapstructure:"init_callback" json:"init_callback"`
LastCheckin time.Time `mapstructure:"last_checkin" json:"last_checkin"`
User string `mapstructure:"user" json:"user"`
Host string `mapstructure:"host" json:"host"`
PID int `mapstructure:"pid" json:"pid"`
Ip string `mapstructure:"ip" json:"ip"`
ExternalIp string `mapstructure:"external_ip" json:"external_ip"`
ProcessName string `mapstructure:"process_name" json:"process_name"`
Description string `mapstructure:"description" json:"description"`
OperatorID int `mapstructure:"operator_id" json:"operator_id"`
Active bool `mapstructure:"active" json:"active"`
RegisteredPayloadUUID string `mapstructure:"registered_payload_uuid" json:"registered_payload_uuid"`
IntegrityLevel int `mapstructure:"integrity_level" json:"integrity_level"`
Locked bool `mapstructure:"locked" json:"locked"`
LockedOperatorID int `mapstructure:"locked_operator_id" json:"locked_operator_id"`
OperationID int `mapstructure:"operation_id" json:"operation_id"`
CryptoType string `mapstructure:"crypto_type" json:"crypto_type"`
DecKey *[]byte `mapstructure:"dec_key" json:"dec_key"`
EncKey *[]byte `mapstructure:"enc_key" json:"enc_key"`
Os string `mapstructure:"os" json:"os"`
Architecture string `mapstructure:"architecture" json:"architecture"`
Domain string `mapstructure:"domain" json:"domain"`
ExtraInfo string `mapstructure:"extra_info" json:"extra_info"`
SleepInfo string `mapstructure:"sleep_info" json:"sleep_info"`
Timestamp time.Time `mapstructure:"timestamp" json:"timestamp"`
}
type MythicRPCCallbackTokenCreateMessage ¶
type MythicRPCCallbackTokenCreateMessage struct {
TaskID int `json:"task_id"` //required
CallbackTokens []MythicRPCCallbackTokenData `json:"callbacktokens"`
}
type MythicRPCCallbackTokenCreateMessageResponse ¶
type MythicRPCCallbackTokenCreateMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
}
func SendMythicRPCCallbackTokenCreate ¶
func SendMythicRPCCallbackTokenCreate(input MythicRPCCallbackTokenCreateMessage) (*MythicRPCCallbackTokenCreateMessageResponse, error)
type MythicRPCCallbackTokenData ¶
type MythicRPCCallbackTokenData = agentMessagePostResponseCallbackTokens
type MythicRPCCallbackTokenRemoveCallbackTokenData ¶
type MythicRPCCallbackTokenRemoveCallbackTokenData = agentMessagePostResponseCallbackTokens
type MythicRPCCallbackTokenRemoveMessage ¶
type MythicRPCCallbackTokenRemoveMessage struct {
TaskID int `json:"task_id"` //required
CallbackTokens []MythicRPCCallbackTokenRemoveCallbackTokenData `json:"callbacktokens"`
}
type MythicRPCCallbackTokenRemoveMessageResponse ¶
type MythicRPCCallbackTokenRemoveMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
}
func SendMythicRPCCallbackTokenRemove ¶
func SendMythicRPCCallbackTokenRemove(input MythicRPCCallbackTokenRemoveMessage) (*MythicRPCCallbackTokenRemoveMessageResponse, error)
type MythicRPCCallbackUpdateMessage ¶
type MythicRPCCallbackUpdateMessage struct {
AgentCallbackUUID *string `json:"agent_callback_id"` // required
CallbackID *int `json:"callback_id"`
TaskID *int `json:"task_id"`
EncryptionKey *[]byte `json:"encryption_key,omitempty"`
DecryptionKey *[]byte `json:"decryption_key,omitempty"`
CryptoType *string `json:"crypto_type,omitempty"`
User *string `json:"user,omitempty"`
Host *string `json:"host,omitempty"`
PID *int `json:"pid,omitempty"`
ExtraInfo *string `json:"extra_info,omitempty"`
SleepInfo *string `json:"sleep_info,omitempty"`
Ip *string `json:"ip,omitempty"`
IPs *[]string `json:"ips,omitempty"`
ExternalIP *string `json:"external_ip,omitempty"`
IntegrityLevel *int `json:"integrity_level,omitempty"`
Os *string `json:"os,omitempty"`
Domain *string `json:"domain,omitempty"`
Architecture *string `json:"architecture,omitempty"`
Description *string `json:"description,omitempty"`
ProcessName *string `json:"process_name,omitempty"`
}
type MythicRPCCallbackUpdateMessageResponse ¶
type MythicRPCCallbackUpdateMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
}
func SendMythicRPCCallbackUpdate ¶
func SendMythicRPCCallbackUpdate(input MythicRPCCallbackUpdateMessage) (*MythicRPCCallbackUpdateMessageResponse, error)
type MythicRPCCommandSearchCommandData ¶
type MythicRPCCommandSearchCommandData struct {
Name string `json:"cmd"`
Version int `json:"version"`
Attributes map[string]interface{} `json:"attributes"`
NeedsAdmin bool `json:"needs_admin"`
HelpCmd string `json:"help_cmd"`
Description string `json:"description"`
SupportedUiFeatures []string `json:"supported_ui_features"`
Author string `json:"author"`
ScriptOnly bool `json:"script_only"`
}
type MythicRPCCommandSearchMessage ¶
type MythicRPCCommandSearchMessage struct {
SearchCommandNames *[]string `json:"command_names,omitempty"`
SearchPayloadTypeName string `json:"payload_type_name"`
SearchSupportedUIFeatures *string `json:"supported_ui_features,omitempty"`
SearchScriptOnly *bool `json:"script_only,omitempty"`
SearchOs *string `json:"os,omitempty"`
// this is an exact match search
SearchAttributes map[string]interface{} `json:"params,omitempty"`
}
type MythicRPCCommandSearchMessageResponse ¶
type MythicRPCCommandSearchMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
Commands []MythicRPCCommandSearchCommandData `json:"commands"`
}
Every mythicRPC function call must return a response that includes the following two values
func SendMythicRPCCommandSearch ¶
func SendMythicRPCCommandSearch(input MythicRPCCommandSearchMessage) (*MythicRPCCommandSearchMessageResponse, error)
type MythicRPCCredentialCreateCredentialData ¶
type MythicRPCCredentialCreateCredentialData = agentMessagePostResponseCredentials
type MythicRPCCredentialCreateMessage ¶
type MythicRPCCredentialCreateMessage struct {
TaskID int `json:"task_id"` //required
Credentials []MythicRPCCredentialCreateCredentialData `json:"credentials"`
}
type MythicRPCCredentialCreateMessageResponse ¶
type MythicRPCCredentialCreateMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
}
func SendMythicRPCCredentialCreate ¶
func SendMythicRPCCredentialCreate(input MythicRPCCredentialCreateMessage) (*MythicRPCCredentialCreateMessageResponse, error)
type MythicRPCCredentialSearchCredentialData ¶
type MythicRPCCredentialSearchCredentialData struct {
Type *string `json:"type" ` // optional
Account *string `json:"account" ` // optional
Realm *string `json:"realm" ` // optional
Credential *string `json:"credential"` // optional
Comment *string `json:"comment"` // optional
Metadata *string `json:"metadata"` // optional
}
type MythicRPCCredentialSearchMessage ¶
type MythicRPCCredentialSearchMessage struct {
TaskID int `json:"task_id"` //required
SearchCredentials MythicRPCCredentialSearchCredentialData `json:"credentials"`
}
type MythicRPCCredentialSearchMessageResponse ¶
type MythicRPCCredentialSearchMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
Credentials []MythicRPCCredentialSearchCredentialData `json:"credentials"`
}
func SendMythicRPCCredentialSearch ¶
func SendMythicRPCCredentialSearch(input MythicRPCCredentialSearchMessage) (*MythicRPCCredentialSearchMessageResponse, error)
type MythicRPCFileBrowserCreateFileBrowserData ¶
type MythicRPCFileBrowserCreateFileBrowserData = agentMessagePostResponseFileBrowser
type MythicRPCFileBrowserCreateMessage ¶
type MythicRPCFileBrowserCreateMessage struct {
TaskID int `json:"task_id"` //required
FileBrowser MythicRPCFileBrowserCreateFileBrowserData `json:"filebrowser"`
}
type MythicRPCFileBrowserCreateMessageResponse ¶
type MythicRPCFileBrowserCreateMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
}
func SendMythicRPCFileBrowserCreate ¶
func SendMythicRPCFileBrowserCreate(input MythicRPCFileBrowserCreateMessage) (*MythicRPCFileBrowserCreateMessageResponse, error)
type MythicRPCFileBrowserRemoveFileBrowserData ¶
type MythicRPCFileBrowserRemoveFileBrowserData = agentMessagePostResponseRemovedFiles
type MythicRPCFileBrowserRemoveMessage ¶
type MythicRPCFileBrowserRemoveMessage struct {
TaskID int `json:"task_id"` //required
RemovedFiles []MythicRPCFileBrowserRemoveFileBrowserData `json:"removed_files"`
}
type MythicRPCFileBrowserRemoveMessageResponse ¶
type MythicRPCFileBrowserRemoveMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
}
func SendMythicRPCFileBrowserRemove ¶
func SendMythicRPCFileBrowserRemove(input MythicRPCFileBrowserRemoveMessage) (*MythicRPCFileBrowserRemoveMessageResponse, error)
type MythicRPCFileCreateMessage ¶
type MythicRPCFileCreateMessage struct {
TaskID int `json:"task_id"`
PayloadUUID string `json:"payload_uuid"`
AgentCallbackID string `json:"agent_callback_id"`
FileContents []byte `json:"-"`
DeleteAfterFetch bool `json:"delete_after_fetch"`
Filename string `json:"filename"`
IsScreenshot bool `json:"is_screenshot"`
IsDownloadFromAgent bool `json:"is_download"`
RemotePathOnTarget string `json:"remote_path"`
TargetHostName string `json:"host"`
Comment string `json:"comment"`
}
MythicRPCFileCreateMessage Must supply one of TaskID, PayloadUUID, or AgentCallbackID so that Mythic can track the file for the right operation
type MythicRPCFileCreateMessageResponse ¶
type MythicRPCFileCreateMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
AgentFileId string `json:"agent_file_id"`
}
func SendMythicRPCFileCreate ¶
func SendMythicRPCFileCreate(input MythicRPCFileCreateMessage) (*MythicRPCFileCreateMessageResponse, error)
type MythicRPCFileGetContentMessage ¶
type MythicRPCFileGetContentMessage struct {
AgentFileID string `json:"file_id"`
}
type MythicRPCFileGetContentMessageResponse ¶
type MythicRPCFileGetContentMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
Content []byte `json:"content"`
}
Every mythicRPC function call must return a response that includes the following two values
func SendMythicRPCFileGetContent ¶
func SendMythicRPCFileGetContent(input MythicRPCFileGetContentMessage) (*MythicRPCFileGetContentMessageResponse, error)
type MythicRPCFileSearchMessage ¶
type MythicRPCFileSearchMessage struct {
TaskID int `json:"task_id"`
CallbackID int `json:"callback_id"`
Filename string `json:"filename"`
LimitByCallback bool `json:"limit_by_callback"`
MaxResults int `json:"max_results"`
Comment string `json:"comment"`
AgentFileID string `json:"file_id"`
IsPayload bool `json:"is_payload"`
IsDownloadFromAgent bool `json:"is_download_from_agent"`
IsScreenshot bool `json:"is_screenshot"`
}
type MythicRPCFileSearchMessageResponse ¶
type MythicRPCFileSearchMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
Files []FileData `json:"files"`
}
Every mythicRPC function call must return a response that includes the following two values
func SendMythicRPCFileSearch ¶
func SendMythicRPCFileSearch(input MythicRPCFileSearchMessage) (*MythicRPCFileSearchMessageResponse, error)
type MythicRPCFileUpdateMessage ¶
type MythicRPCFileUpdateMessage struct {
AgentFileID string `json:"file_id"`
Comment string `json:"comment"`
Filename string `json:"filename"`
AppendContents *[]byte `json:"append_contents,omitempty"`
ReplaceContents *[]byte `json:"-"`
Delete bool `json:"delete"`
DeleteAfterFetch *bool `json:"delete_after_fetch"`
}
type MythicRPCFileUpdateMessageResponse ¶
type MythicRPCFileUpdateMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
}
Every mythicRPC function call must return a response that includes the following two values
func SendMythicRPCFileUpdate ¶
func SendMythicRPCFileUpdate(input MythicRPCFileUpdateMessage) (*MythicRPCFileUpdateMessageResponse, error)
type MythicRPCKeylogCreateMessage ¶
type MythicRPCKeylogCreateMessage struct {
TaskID int `json:"task_id"` //required
Keylogs []MythicRPCKeylogCreateProcessData `json:"keylogs"`
}
type MythicRPCKeylogCreateMessageResponse ¶
type MythicRPCKeylogCreateMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
}
func SendMythicRPCKeylogCreate ¶
func SendMythicRPCKeylogCreate(input MythicRPCKeylogCreateMessage) (*MythicRPCKeylogCreateMessageResponse, error)
type MythicRPCKeylogCreateProcessData ¶
type MythicRPCKeylogCreateProcessData = agentMessagePostResponseKeylogs
type MythicRPCKeylogSearchMessage ¶
type MythicRPCKeylogSearchMessage struct {
TaskID int `json:"task_id"` //required
SearchKeylogs MythicRPCKeylogSearchKeylogData `json:"keylogs"`
}
type MythicRPCKeylogSearchMessageResponse ¶
type MythicRPCKeylogSearchMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
Keylogs []MythicRPCKeylogSearchKeylogData `json:"keylogs"`
}
func SendMythicRPCKeylogSearch ¶
func SendMythicRPCKeylogSearch(input MythicRPCKeylogSearchMessage) (*MythicRPCKeylogSearchMessageResponse, error)
type MythicRPCOperationEventLogCreateMessage ¶
type MythicRPCOperationEventLogCreateMessage struct {
// three optional ways to specify the operation
TaskId *int `json:"task_id"`
CallbackId *int `json:"callback_id"`
CallbackAgentId *string `json:"callback_agent_id"`
OperationId *int `json:"operation_id"`
// the data to store
Message string `json:"message"`
MessageLevel MESSAGE_LEVEL `json:"level"` //info or warning
}
type MythicRPCOperationEventLogCreateMessageResponse ¶
type MythicRPCOperationEventLogCreateMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
}
func SendMythicRPCOperationEventLogCreate ¶
func SendMythicRPCOperationEventLogCreate(input MythicRPCOperationEventLogCreateMessage) (*MythicRPCOperationEventLogCreateMessageResponse, error)
type MythicRPCOtherServiceRPCMessageResponse ¶
type MythicRPCOtherServiceRPCMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
Result map[string]interface{} `json:"result"`
}
func SendMythicRPCOtherServiceRPC ¶
func SendMythicRPCOtherServiceRPC(input MythicRPCOtherServiceRPCMessage) (*MythicRPCOtherServiceRPCMessageResponse, error)
type MythicRPCPayloadAddCommandMessageResponse ¶
type MythicRPCPayloadAddCommandMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
}
func SendMythicRPCPayloadAddCommand ¶
func SendMythicRPCPayloadAddCommand(input MythicRPCPayloadAddCommandMessage) (*MythicRPCPayloadAddCommandMessageResponse, error)
type MythicRPCPayloadCreateFromScratchMessage ¶
type MythicRPCPayloadCreateFromScratchMessage struct {
TaskID int `json:"task_id"`
PayloadConfiguration PayloadConfiguration `json:"payload_configuration"`
RemoteHost *string `json:"remote_host"`
}
type MythicRPCPayloadCreateFromScratchMessageResponse ¶
type MythicRPCPayloadCreateFromScratchMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
NewPayloadUUID string `json:"new_payload_uuid"`
}
Every mythicRPC function call must return a response that includes the following two values
func SendMythicRPCPayloadCreateFromScratch ¶
func SendMythicRPCPayloadCreateFromScratch(input MythicRPCPayloadCreateFromScratchMessage) (*MythicRPCPayloadCreateFromScratchMessageResponse, error)
type MythicRPCPayloadCreateFromUUIDMessageResponse ¶
type MythicRPCPayloadCreateFromUUIDMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
NewPayloadUUID string `json:"new_payload_uuid"`
}
Every mythicRPC function call must return a response that includes the following two values
func SendMythicRPCPayloadCreateFromUuid ¶
func SendMythicRPCPayloadCreateFromUuid(input MythicRPCPayloadCreateFromUUIDMessage) (*MythicRPCPayloadCreateFromUUIDMessageResponse, error)
type MythicRPCPayloadGetContentMessage ¶
type MythicRPCPayloadGetContentMessage struct {
PayloadUUID string `json:"uuid"`
}
type MythicRPCPayloadGetContentMessageResponse ¶
type MythicRPCPayloadGetContentMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
Content []byte `json:"content"`
}
Every mythicRPC function call must return a response that includes the following two values
func SendMythicRPCPayloadGetContent ¶
func SendMythicRPCPayloadGetContent(input MythicRPCPayloadGetContentMessage) (*MythicRPCPayloadGetContentMessageResponse, error)
type MythicRPCPayloadOnHostCreateMessage ¶
type MythicRPCPayloadOnHostCreateMessage struct {
TaskID int `json:"task_id"` //required
PayloadOnHost MythicRPCPayloadOnHostCreateData `json:"payload_on_host"`
}
type MythicRPCPayloadOnHostCreateMessageResponse ¶
type MythicRPCPayloadOnHostCreateMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
}
func SendMythicRPCPayloadOnHostCreate ¶
func SendMythicRPCPayloadOnHostCreate(input MythicRPCPayloadOnHostCreateMessage) (*MythicRPCPayloadOnHostCreateMessageResponse, error)
type MythicRPCPayloadRemoveCommandMessageResponse ¶
type MythicRPCPayloadRemoveCommandMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
}
func SendMythicRPCPayloadRemoveCommand ¶
func SendMythicRPCPayloadRemoveCommand(input MythicRPCPayloadRemoveCommandMessage) (*MythicRPCPayloadRemoveCommandMessageResponse, error)
type MythicRPCPayloadSearchMessage ¶
type MythicRPCPayloadSearchMessage struct {
CallbackID int `json:"callback_id"`
PayloadUUID string `json:"uuid"`
Description string `json:"description"`
Filename string `json:"filename"`
PayloadTypes []string `json:"payload_types"`
IncludeAutoGeneratedPayloads bool `json:"include_auto_generated"`
BuildParameters []MythicRPCPayloadSearchBuildParameter `json:"build_parameters"`
}
type MythicRPCPayloadSearchMessageResponse ¶
type MythicRPCPayloadSearchMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
PayloadConfigurations []PayloadConfiguration `json:"payloads"`
}
Every mythicRPC function call must return a response that includes the following two values
func SendMythicRPCPayloadSearch ¶
func SendMythicRPCPayloadSearch(input MythicRPCPayloadSearchMessage) (*MythicRPCPayloadSearchMessageResponse, error)
type MythicRPCPayloadUpdateBuildStepMessageResponse ¶
type MythicRPCPayloadUpdateBuildStepMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
}
Every mythicRPC function call must return a response that includes the following two values
func SendMythicRPCPayloadUpdateBuildStep ¶
func SendMythicRPCPayloadUpdateBuildStep(input MythicRPCPayloadUpdateBuildStepMessage) (*MythicRPCPayloadUpdateBuildStepMessageResponse, error)
type MythicRPCProcessCreateMessage ¶
type MythicRPCProcessCreateMessage struct {
TaskID int `json:"task_id"` //required
Processes []MythicRPCProcessCreateProcessData `json:"processes"`
}
type MythicRPCProcessCreateMessageResponse ¶
type MythicRPCProcessCreateMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
}
func SendMythicRPCProcessCreate ¶
func SendMythicRPCProcessCreate(input MythicRPCProcessCreateMessage) (*MythicRPCProcessCreateMessageResponse, error)
type MythicRPCProcessCreateProcessData ¶
type MythicRPCProcessCreateProcessData = agentMessagePostResponseProcesses
type MythicRPCProcessSearchMessage ¶
type MythicRPCProcessSearchMessage struct {
TaskID int `json:"task_id"` //required
SearchProcess MythicRPCProcessSearchProcessData `json:"process"`
}
type MythicRPCProcessSearchMessageResponse ¶
type MythicRPCProcessSearchMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
Processes []MythicRPCProcessSearchProcessData `json:"processes"`
}
func SendMythicRPCProcessSearch ¶
func SendMythicRPCProcessSearch(input MythicRPCProcessSearchMessage) (*MythicRPCProcessSearchMessageResponse, error)
type MythicRPCProcessSearchProcessData ¶
type MythicRPCProcessSearchProcessData struct {
Host *string `json:"host" ` // optional
ProcessID *int `json:"process_id" ` // optional
Architecture *string `json:"architecture"` // optional
ParentProcessID *int `json:"parent_process_id" ` // optional
BinPath *string `json:"bin_path" ` // optional
Name *string `json:"name" ` // optional
User *string `json:"user" ` // optional
CommandLine *string `json:"command_line" ` // optional
IntegrityLevel *int `json:"integrity_level" ` // optional
Description *string `json:"description" ` // optional
Signer *string `json:"signer"` // optional
}
type MythicRPCProxyStartMessage ¶
type MythicRPCProxyStartMessage struct {
// TaskID - the TaskID that's starting the proxy connection
TaskID int `json:"task_id"`
// LocalPort - for SOCKS, this is the port to open on the Mythic server.
// For interactive, this is the port to open on the Mythic server
// For rpfwd, this is the port to open on the host where your agent is running.
LocalPort int `json:"local_port"`
// RemotePort - This only needs to be set for rpfwd - this is the remote port to connect to when the LocalPort gets a connection
RemotePort int `json:"remote_port"`
// RemoteIP - This only needs to be set for rpfwd - this is the remote ip to connect to when the LocalPort gets a connection
RemoteIP string `json:"remote_ip"`
// PortType - What type of proxy connection are you opening
// CALLBACK_PORT_TYPE_SOCKS
// CALLBACK_PORT_TYPE_RPORTFWD
// CALLBACK_PORT_TYPE_INTERACTIVE
PortType string `json:"port_type"`
}
type MythicRPCProxyStartMessageResponse ¶
type MythicRPCProxyStartMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
LocalPort int `json:"local_port"`
}
func SendMythicRPCProxyStart ¶
func SendMythicRPCProxyStart(input MythicRPCProxyStartMessage) (*MythicRPCProxyStartMessageResponse, error)
type MythicRPCProxyStopMessageResponse ¶
type MythicRPCProxyStopMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
LocalPort int `json:"local_port"`
}
func SendMythicRPCProxyStop ¶
func SendMythicRPCProxyStop(input MythicRPCProxyStopMessage) (*MythicRPCProxyStopMessageResponse, error)
type MythicRPCResponse ¶
type MythicRPCResponseCreateMessageResponse ¶
type MythicRPCResponseCreateMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
}
func SendMythicRPCResponseCreate ¶
func SendMythicRPCResponseCreate(input MythicRPCResponseCreateMessage) (*MythicRPCResponseCreateMessageResponse, error)
type MythicRPCResponseSearchMessageResponse ¶
type MythicRPCResponseSearchMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
Responses []MythicRPCResponse `json:"responses"`
}
func SendMythicRPCResponseSearch ¶
func SendMythicRPCResponseSearch(input MythicRPCResponseSearchMessage) (*MythicRPCResponseSearchMessageResponse, error)
type MythicRPCTaskCreateMessage ¶ added in v1.3.0
type MythicRPCTaskCreateMessageResponse ¶ added in v1.3.0
type MythicRPCTaskCreateMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
TaskID int `json:"task_id"`
TaskDisplayID int `json:"task_display_id"`
}
Every mythicRPC function call must return a response that includes the following two values
func SendMythicRPCTaskCreate ¶ added in v1.3.0
func SendMythicRPCTaskCreate(input MythicRPCTaskCreateMessage) (*MythicRPCTaskCreateMessageResponse, error)
type MythicRPCTaskCreateSubtaskGroupMessage ¶
type MythicRPCTaskCreateSubtaskGroupMessage struct {
TaskID int `json:"task_id"` // required
GroupName string `json:"group_name"` // required
GroupCallbackFunction *string `json:"group_callback_function,omitempty"`
Tasks []MythicRPCTaskCreateSubtaskGroupTasks `json:"tasks"` // required
}
type MythicRPCTaskCreateSubtaskGroupMessageResponse ¶
type MythicRPCTaskCreateSubtaskGroupMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
TaskIDs []int `json:"task_ids"`
}
Every mythicRPC function call must return a response that includes the following two values
func SendMythicRPCTaskCreateSubtaskGroup ¶
func SendMythicRPCTaskCreateSubtaskGroup(input MythicRPCTaskCreateSubtaskGroupMessage) (*MythicRPCTaskCreateSubtaskGroupMessageResponse, error)
type MythicRPCTaskCreateSubtaskGroupTasks ¶
type MythicRPCTaskCreateSubtaskGroupTasks struct {
SubtaskCallbackFunction *string `json:"subtask_callback_function,omitempty"`
CommandName string `json:"command_name"` // required
Params string `json:"params"` // required
ParameterGroupName *string `json:"parameter_group_name,omitempty"`
Token *int `json:"token,omitempty"`
}
type MythicRPCTaskCreateSubtaskMessage ¶
type MythicRPCTaskCreateSubtaskMessage struct {
TaskID int `json:"task_id"`
SubtaskCallbackFunction *string `json:"subtask_callback_function,omitempty"`
CommandName string `json:"command_name"`
Params string `json:"params"`
ParameterGroupName *string `json:"parameter_group_name,omitempty"`
Token *int `json:"token,omitempty"`
}
type MythicRPCTaskCreateSubtaskMessageResponse ¶
type MythicRPCTaskCreateSubtaskMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
TaskID int `json:"task_id"`
}
Every mythicRPC function call must return a response that includes the following two values
func SendMythicRPCTaskCreateSubtask ¶
func SendMythicRPCTaskCreateSubtask(input MythicRPCTaskCreateSubtaskMessage) (*MythicRPCTaskCreateSubtaskMessageResponse, error)
type MythicRPCTaskDisplayToRealIdSearchMessageResponse ¶
type MythicRPCTaskDisplayToRealIdSearchMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
TaskID int `json:"task_id"`
}
Every mythicRPC function call must return a response that includes the following two values
func SendMythicRPCTaskDisplayToRealIdSearch ¶
func SendMythicRPCTaskDisplayToRealIdSearch(input MythicRPCTaskDisplayToRealIdSearchMessage) (*MythicRPCTaskDisplayToRealIdSearchMessageResponse, error)
type MythicRPCTaskSearchMessage ¶
type MythicRPCTaskSearchMessage struct {
TaskID int `json:"task_id"`
SearchTaskID *int `json:"search_task_id"`
SearchTaskDisplayID *int `json:"search_task_display_id"`
SearchAgentTaskID *string `json:"agent_task_id,omitempty"`
SearchHost *string `json:"host,omitempty"`
SearchCallbackID *int `json:"callback_id,omitempty"`
SearchCompleted *bool `json:"completed,omitempty"`
SearchCommandNames *[]string `json:"command_names,omitempty"`
SearchParams *string `json:"params,omitempty"`
}
type MythicRPCTaskSearchMessageResponse ¶
type MythicRPCTaskSearchMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
Tasks []PTTaskMessageTaskData `json:"tasks"`
}
Every mythicRPC function call must return a response that includes the following two values
func SendMythicRPCTaskSearch ¶
func SendMythicRPCTaskSearch(input MythicRPCTaskSearchMessage) (*MythicRPCTaskSearchMessageResponse, error)
type MythicRPCTaskUpdateMessage ¶
type MythicRPCTaskUpdateMessage struct {
TaskID int `json:"task_id"`
UpdateStatus *string `json:"update_status,omitempty"`
UpdateStdout *string `json:"update_stdout,omitempty"`
UpdateStderr *string `json:"update_stderr,omitempty"`
UpdateCommandName *string `json:"update_command_name,omitempty"`
UpdateCompleted *bool `json:"update_completed,omitempty"`
}
type MythicRPCTaskUpdateMessageResponse ¶
type MythicRPCTaskUpdateMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
}
Every mythicRPC function call must return a response that includes the following two values
func SendMythicRPCTaskUpdate ¶
func SendMythicRPCTaskUpdate(input MythicRPCTaskUpdateMessage) (*MythicRPCTaskUpdateMessageResponse, error)
type MythicRPCTokenCreateMessage ¶
type MythicRPCTokenCreateMessage struct {
TaskID int `json:"task_id"` //required
Tokens []MythicRPCTokenCreateTokenData `json:"tokens"`
}
type MythicRPCTokenCreateMessageResponse ¶
type MythicRPCTokenCreateMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
}
func SendMythicRPCTokenCreate ¶
func SendMythicRPCTokenCreate(input MythicRPCTokenCreateMessage) (*MythicRPCTokenCreateMessageResponse, error)
type MythicRPCTokenCreateTokenData ¶
type MythicRPCTokenCreateTokenData = agentMessagePostResponseToken
type MythicRPCTokenRemoveMessage ¶
type MythicRPCTokenRemoveMessage struct {
TaskID int `json:"task_id"` //required
Tokens []MythicRPCTokenRemoveTokenData `json:"tokens"`
}
type MythicRPCTokenRemoveMessageResponse ¶
type MythicRPCTokenRemoveMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
}
func SendMythicRPCTokenRemove ¶
func SendMythicRPCTokenRemove(input MythicRPCTokenRemoveMessage) (*MythicRPCTokenRemoveMessageResponse, error)
type MythicRPCTokenRemoveTokenData ¶
type MythicRPCTokenRemoveTokenData = agentMessagePostResponseToken
type PTTaskMessageTaskData ¶
type PTTaskMessageTaskData struct {
ID int `json:"id"`
DisplayID int `json:"display_id"`
AgentTaskID string `json:"agent_task_id"`
CommandName string `json:"command_name"`
Params string `json:"params"`
Timestamp string `json:"timestamp"`
CallbackID int `json:"callback_id"`
Status string `json:"status"`
OriginalParams string `json:"original_params"`
DisplayParams string `json:"display_params"`
Comment string `json:"comment"`
Stdout string `json:"stdout"`
Stderr string `json:"stderr"`
Completed bool `json:"completed"`
OpsecPreBlocked bool `json:"opsec_pre_blocked"`
OpsecPreMessage string `json:"opsec_pre_message"`
OpsecPreBypassed bool `json:"opsec_pre_bypassed"`
OpsecPreBypassRole string `json:"opsec_pre_bypass_role"`
OpsecPostBlocked bool `json:"opsec_post_blocked"`
OpsecPostMessage string `json:"opsec_post_message"`
OpsecPostBypassed bool `json:"opsec_post_bypassed"`
OpsecPostBypassRole string `json:"opsec_post_bypass_role"`
ParentTaskID int `json:"parent_task_id"`
OperatorUsername string `json:"operator_username"`
SubtaskCallbackFunction string `json:"subtask_callback_function"`
SubtaskCallbackFunctionCompleted bool `json:"subtask_callback_function_completed"`
GroupCallbackFunction string `json:"group_callback_function"`
GroupCallbackFunctionCompleted bool `json:"group_callback_function_completed"`
CompletedCallbackFunction string `json:"completed_callback_function"`
CompletedCallbackFunctionCompleted bool `json:"completed_callback_function_completed"`
SubtaskGroupName string `json:"subtask_group_name"`
TaskingLocation string `json:"tasking_location"`
ParameterGroupName string `json:"parameter_group_name"`
TokenID int `json:"token_id"`
}
type PayloadConfiguration ¶
type PayloadConfiguration struct {
Description string `json:"description"`
PayloadType string `json:"payload_type" binding:"required"`
C2Profiles *[]PayloadConfigurationC2Profile `json:"c2_profiles,omitempty"`
BuildParameters *[]PayloadConfigurationBuildParameter `json:"build_parameters,omitempty"`
Commands []string `json:"commands"`
SelectedOS string `json:"selected_os" binding:"required"`
Filename string `json:"filename" binding:"required"`
WrappedPayloadUUID string `json:"wrapped_payload"`
UUID string `json:"uuid"`
AgentFileID string `json:"agent_file_id"`
BuildPhase string `json:"build_phase"`
}
exporting a payload configuration
type PayloadConfigurationBuildParameter ¶
type PayloadConfigurationBuildParameter struct {
Name string `json:"name" binding:"required"`
Value interface{} `json:"value" binding:"required"`
}
Source Files
¶
- send_mythic_rpc_agentstorage_create.go
- send_mythic_rpc_agentstorage_remove.go
- send_mythic_rpc_agentstorage_search.go
- send_mythic_rpc_artifact_create.go
- send_mythic_rpc_artifact_search.go
- send_mythic_rpc_callback_add_command.go
- send_mythic_rpc_callback_create.go
- send_mythic_rpc_callback_decrypt_bytes.go
- send_mythic_rpc_callback_display_to_real_id_search.go
- send_mythic_rpc_callback_edge_search.go
- send_mythic_rpc_callback_encrypt_bytes.go
- send_mythic_rpc_callback_remove_command.go
- send_mythic_rpc_callback_search.go
- send_mythic_rpc_callback_search_command.go
- send_mythic_rpc_callback_update.go
- send_mythic_rpc_callbacktoken_create.go
- send_mythic_rpc_callbacktoken_remove.go
- send_mythic_rpc_command_search.go
- send_mythic_rpc_credential_create.go
- send_mythic_rpc_credential_search.go
- send_mythic_rpc_file_create.go
- send_mythic_rpc_file_get_content.go
- send_mythic_rpc_file_search.go
- send_mythic_rpc_file_update.go
- send_mythic_rpc_filebrowser_create.go
- send_mythic_rpc_filebrowser_remove.go
- send_mythic_rpc_keylog_create.go
- send_mythic_rpc_keylog_search.go
- send_mythic_rpc_operationeventlog_create.go
- send_mythic_rpc_other_service_rpc.go
- send_mythic_rpc_payload_add_comand.go
- send_mythic_rpc_payload_create_from_scratch.go
- send_mythic_rpc_payload_create_from_uuid.go
- send_mythic_rpc_payload_get_content.go
- send_mythic_rpc_payload_remove_comand.go
- send_mythic_rpc_payload_search.go
- send_mythic_rpc_payload_update_build_step.go
- send_mythic_rpc_payloadonhost_create.go
- send_mythic_rpc_process_create.go
- send_mythic_rpc_process_search.go
- send_mythic_rpc_proxy_start.go
- send_mythic_rpc_proxy_stop.go
- send_mythic_rpc_response_create.go
- send_mythic_rpc_response_search.go
- send_mythic_rpc_task_create.go
- send_mythic_rpc_task_create_subtask group.go
- send_mythic_rpc_task_create_subtask.go
- send_mythic_rpc_task_display_to_real_id_search.go
- send_mythic_rpc_task_search.go
- send_mythic_rpc_task_update.go
- send_mythic_rpc_token_create.go
- send_mythic_rpc_token_remove.go
- structs.go
Click to show internal directories.
Click to hide internal directories.